package run.bottle.shiro.controller;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresRoles;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import run.bottle.shiro.model.dto.Result;

@Api(tags = "用户信息控制器")
@RestController
@RequestMapping("/sys/user")
public class UserController {

    @ApiOperation("拥有 user, admin 角色的用户可以访问下面的页面")
    @GetMapping("/msg")
    @RequiresRoles(logical = Logical.OR, value = {"user", "admin"})
    public Result getMessage() {
        return Result.ok("成功获得信息！");
    }
}
